The netfilter core-team keeps a TODO list where it lists all the desired
changes / new features. You can retrieve this list via anonymous SVN,
instructions are on the netfilter Homepage. Alternatively you can also go
to
http://svn.netfilter.org/cgi-bin/cvsweb/netfilter/TODO/ using
CVSweb.

`diff -u old new' form, from outside root directory (ie. can be applied with -p1 when sitting in the untarred dir.

If you wrote a new extension, or added some new options to an old extension, it's usually
a good idea to also update the netfilter-extension-HOWTO to include that new extension/functionality description.
Additionally, it will draw more users to your extension, and will allow you to get more feedback in general.

Now you might think 'but what about libiptc?'. As has been pointed out
numerous times on the mailinglist(s), libiptc was _NEVER_ meant to be used as a
public interface. We don't guarantee a stable interface, and it is planned to
remove it in the next incarnation of linux packet filtering. libiptc is way
too low-layer to be used reasonably anyway.

We are well aware that there is a fundamental lack for such an API, and we
are working on improving that situation. Until then, it is recommended to
either use system() or open a pipe into stdin of iptables-restore. The latter
will give you a way better performance.